A port scan attack occurs when an attacker sends packets to your machine while varying the destination port to find out which ports are open. This way they can gain access to unprotected servers, networks or systems. The scans help them find weaknesses in computers to exploit and access information or data without authorization.
Ports are the system doors through which packets meant for another system leave a machine. There are 65,536 ports, and they serve various purposes in a computer. Most internet sites are prone to this type of attack, and intruders use port scanner software to identify open ports on a server.
METHODS OF PORT SCANNING
Intruders can launch their attacks in any of the following ways:
TCP scanning: commonly used because it scans thousands of ports in a brief period, facilitating hacking attempts.
FTP bounce scan: the scan is carried out through a File Transfer Protocol (FTP) server. This method is mostly used to hide the hacker’s real location.
SYN scan: a half-open TCP scan that generates packets and waits for responses from open target ports.
Fragment packets: sends packets in pieces that can easily pass through some filters in firewalls.
Ping scan: sweeps an entire network or destination system to identify open ports that one can take advantage of.
Undetectable mode: uses techniques that slow down the scans, rendering them less detectable.
Vanilla: a technique that targets all available ports.
Strobe mode: narrows the scan down to a smaller number of ports, which makes the intrusion easier to carry out. It focuses mainly on selected ports.
PORT SCAN ATTACK PREVENTION PRACTICES
Administrators must regularly recheck their systems for any security vulnerabilities. Any network breach should be addressed promptly to avoid further damage. Reinforcing the computer’s firewall also helps: it plays a vital role by limiting the services allowed through it.
Finally, use an Intrusion Prevention System (IPS) to protect your computers through early detection and elimination of potential threats.
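One common way to detect a port scan early is to count how many distinct ports a single source touches within a time window. The sketch below is an added example, not part of the original article or any IPS product's code; the log format, addresses and thresholds are constructed assumptions. It also shows why the slowed-down scans described above call for a longer window.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

T0 = datetime(2024, 1, 1, 10, 0, 0)

def make_line(offset_s, src, port, action="DROP"):
    """Build one constructed firewall log line: '<ISO time> SRC=<ip> DPT=<port> <action>'."""
    ts = (T0 + timedelta(seconds=offset_s)).isoformat()
    return f"{ts} SRC={src} DPT={port} {action}"

# Constructed sample log (documentation addresses), sorted by timestamp.
SAMPLE = sorted(
    [make_line(i, "198.51.100.7", 20 + i) for i in range(20)]              # fast sweep: 20 ports in 20 s
    + [make_line(600 * i, "203.0.113.9", 8000 + i) for i in range(12)]     # slow sweep: 1 port per 10 min
    + [make_line(30 * i, "192.0.2.44", 443, "ACCEPT") for i in range(40)]  # ordinary client, single port
)

def parse(line):
    """Split a log line into (timestamp, source IP, destination port)."""
    ts, src, dpt, _action = line.split()
    return datetime.fromisoformat(ts), src.split("=")[1], int(dpt.split("=")[1])

def detect_scanners(lines, window_s, min_ports):
    """Return sources that hit at least min_ports distinct ports within window_s seconds.

    Lines must be in time order.
    """
    recent = defaultdict(deque)  # source -> (time, port) events still inside the window
    flagged = set()
    for line in lines:
        ts, src, port = parse(line)
        events = recent[src]
        events.append((ts, port))
        # Drop events that have aged out of the sliding window.
        while (ts - events[0][0]).total_seconds() > window_s:
            events.popleft()
        if len({p for _, p in events}) >= min_ports:
            flagged.add(src)
    return flagged

if __name__ == "__main__":
    # A 60-second window catches the fast sweep but misses the slow one.
    print("60 s window: ", sorted(detect_scanners(SAMPLE, 60, 10)))
    # A 2-hour window with the same port threshold catches both.
    print("2 h window:  ", sorted(detect_scanners(SAMPLE, 7200, 10)))
```

The ordinary client is never flagged because it only ever touches one port, however many connections it makes.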